Towards a Model for Risk and Consent Management of Private Health Information

  1. (PDF, 246 KB)
AuthorSearch for: ; Search for:
ConferenceThe Conference on Privacy, Security and Trust (PST2006), October 31, 2006., Toronto, Ontario, Canada
AbstractHealth information custodians and network providers within the circle of care for a patient must meet certain legal obligations regarding the collection, access and disclosure of personal health information. We present a framework for consent and risk management that can be used to help manage a patient?s consent for releasing personal health information, and analyze the risk involved in handling this type of data. A patient?s preferences for specific privacy policies (expressed in P3P) are elicited through querying, and extra information is inferred using a Bayesian network. A risk analysis is performed to help a custodian to make informed decisions when handling personal health information. Thus the custodian and provider can help each other meet their respective legal obligations, and patients are more easily able to exercise their privacy rights.
Publication date
AffiliationNRC Institute for Information Technology; National Research Council Canada
Peer reviewedNo
NRC number48746
NPARC number5764504
Export citationExport as RIS
Report a correctionReport a correction
Record identifiercd2724dc-cf5c-49b9-bc3f-08d1fd079aba
Record created2009-03-29
Record modified2016-05-09
Bookmark and share
  • Share this page with Facebook (Opens in a new window)
  • Share this page with Twitter (Opens in a new window)
  • Share this page with Google+ (Opens in a new window)
  • Share this page with Delicious (Opens in a new window)
Date modified: